const userAgent = require('useragent');
// const {isString} =require('loadsh')
module.exports={
    authToken:(req,res,next)=>{
        if(req.baseUrl!=='/user/login' && req.baseUrl!=='/'){
            const {authorization} = req.headers;
            const agent = userAgent.parse(req.headers['user-agent']);
            const osAgent = agent.os;
            let username,sendUsername;
            if(authorization){
                username=authorization.split('-')[0]
            }
            //校准username
            if(req.body.username && !req.body.operateUser){
                req.body={...req.body,username}
            }
            if(req.params.username && !req.params.operateUser){
                req.params={...req.params,username}
            }
            //需要校验的权限
            if(global.authLimitList.includes(req.baseUrl) && !global.authBtnList[username].includes(req.baseUrl)){
                return res.send({
                    code:1,
                    msg:'你想干啥？'
                })
            }
            if (({okhttp: true})[agent.family] || ({Other: true})[osAgent.family]) {
                return res.send({
                    code:1,
                    msg:'你想干啥？'
                })
            }
            /*//防止操作,按钮拦截，无效拦截方式
            if(sendUsername && (username!==sendUsername)){
                return res.send({
                    code:1,
                    msg:'你想干啥？'
                })
            }*/
            if(authorization && global.authorizationList.includes(authorization)){
                next()
            }else {
                res.send({
                    code:401,
                    msg:'请重新登录'
                })
            }
        }else{
            next()
        }
    }
}